I had a chance earlier this week to visit and speak at Hacker School in New York. Hacker School is an amazing place, billed as a “retreat for programmers”, where a remarkable group of curious and self-motivated people from a wide range of backgrounds put their lives on hold for 12 weeks to gather with like-minded people to learn about programming and spend their evenings (and 21st birthday parties) hearing talks about computability!﻿

I gave a four-session “mini-course” for Microstrategy on Engineering Cryptosystems. It ended up attracting enough interest to be moved from their offices to a nearby movie theater!

The course was targeted to engineers at Microstrategy with no prior experience with cryptography, and designed to give them some ideas of the power of modern cryptography, and to provide enough stories about cryptosystems going bad to convince them not do try to develop their own cryptosystems, and to know enough to ask the right questions of people who do.

“To understand the world, you need to understand computing and programming,” Evans, who is also a computer science professor at University of Virginia, said in an email. “Without understanding computers and how they are programmed, much of the world will increasingly seem like magic.”

…

While Steve Jobs famously talked about computers as bicycles for the mind 20 years ago, computers today are far more powerful and connected worldwide as “super-tanker-sized, hypersonic spaceships of the mind,” said Evans.

“Without learning to program, you can still ride them if you are willing to remove your shoes at the security checkpoint and go where the pilot wants to go,” said Evans, “but if you want to be the one flying, you need to learn about computing.”

Gary and Dave discuss the founding of the Interdisciplinary Major in Computer Science (BA) at UVa and why a broad approach to Computer Science and Computer Security is a good idea, why data privacy gets short shrift in the United States, why people think (for no apparent reason) that their mobile devices are secure, groceries, David’s research on Secure Computation, and the Udacity project. They close out their discussion with a story about David’s trip to the World Cup in Korea and a choice between GEB and scheme.

Not long ago, on a rainy Saturday morning, Professor Dave Evans and I hung out in bed while he tried to explain recursive functions (for the fourth time) and I worked on my homework. Or rather, I hung out in bed, and Evans, a computer science professor at the University of Virginia, hung out on my laptop screen, where I could—click—pause him midsentence and pour myself another cup of coffee.

“Computer Science 101: Building a Search Engine” was one of Udacity’s first offerings, and for seven weeks this spring, Evans was teaching me and 30,000 others to write enough Python—a basic programming language—to create a mini Google. We started with basics, including the difference between a computer and a toaster, and “bits” versus “bytes.” Then we went back in time for a little nerd history, from Augusta Ada King, Lord Byron’s daughter and the world’s first “programmer,” to PageRank, the search algorithm that powers Google.

Evans is the kind of nerdy savant whose gap-tooth smile and Monty Python humour attract a cult following on campus. (As an academic, he’s also a world-class cryptographer.) Thrun and Stavens found him in November 2011, flew him to Palo Alto in December, and by January he was crammed in a makeshift recording studio—still in Thrun’s guesthouse—rejigging his standard university curriculum into a Udacity one.

It is anyone’s guess how the 32 teams in the 2010 World Cup will be grouped by the draw Friday in South Africa, but one thing is for sure: the event will elicit sightings of things as far-fetched as U.F.O.’s and the Virgin Mary’s image on a potato chip.

…

Yet conspiracy theories abound. In 2005, the issue was part of a final exam in a cryptology course at the University of Virginia.

After the 1994 World Cup draw placed the host USA in a very difficult
group, the USA coach, Bora Milutinovic, is reputed to have complained
that the US organizing committee was so incompetent they couldn’t even
rig the draw properly. For purposes of this question, assume the DFB
(German soccer federation) which is hosting the 2006 World Cup does not
suffer from such incompetence.

The draw assigns each qualified team to a group (one of eight, A-H) and
position (1-4). For example, in the 2002 draw the USA was assigned D3.
The host country is placed into position A1.

The protocol for the draw for the 2006 World Cup finals has not been
announced yet, but assume it will follow a protocol similar to this one
which was used in 2002:

Before the draw event:

The name of each finalist (except the host country which is placed
in position A1) is printed on a slip of paper which is placed in a
white, spherical ball. The ball is made of two hemispheres that connect
to each other, and can be separated to insert or remove the paper. The
balls are placed into different bowls based on a partitioning determined
by FIFA.

The letter name to identify each group (A, B, C, D, E, F, G, H) is
printed on a slip of paper and placed in a red, spherical ball. All the
red balls are placed in a bowl.

The position number (1, 2, 3, 4) is printed on a slip of paper and
placed in a blue, spherical ball. There are eight bowls of the four
numbers, one corresponding to each group A-H. (In the bowl for A, only
three balls with numbers 2, 3 and 4 are used, since the host country was
preassigned to position A1).

At the draw event:

A well-known celebrity picks a white ball from one of the country
bowls and hands it to Sepp Blatter, the President of FIFA.

Blatter unscrews the ball, extracts the slip of paper, reads the
country name, and holds it up so everyone can see. After reading the
slip, it is placed in a trash bin that is not examined after the draw.

A different well-known celebrity picks a red ball from the
group bowl and hand it to Blatter.

Blatter unscrews the ball, extracts the slip of paper, reads the
group name, and holds it up so everyone can see.

A different well-known celebrity picks a blue ball from the
positions bowl corresponding to the selected group and hand it to Blatter.

Blatter unscrews the ball, extracts the slip of paper, reads the
position number, and holds it up so everyone can see.

Note that at the end of the draw, all balls have been opened. It is a
check on the protocol that all positions, groups and countries have been
seen by the end. The actual slips of paper are destroyed (without
examination) after the draw.

You should assume both the DFB who is hosting the draw, and Sepp
Blatter, are both highly motivated to rig the results to ensure an easy
path to the second round for the host country. Well-known celebrities
are used to pick the balls to ensure a low likelihood that a selector
can be corrupted. The pre-draw steps are done in secret by the DFB.
The draw event itself is witnessed by thousands of people live and in
person and approximately a billion people live on TV around the world
(it is the world’s most watched televised event that is not a soccer
game).

Analyze the security of the World Cup draw procedure as described
above. Either describe tactics the DFB could use to improve the
likelihood that Germany get a favorable draw, or argue that the
procedure is secure and there is no reasonable way of effecting the
result. If you identify security weaknesses in the draw protocol,
suggest modifications that would make it more secure.

(Note: this question should in no way be interpreted as
questioning the integrity of FIFA or the DFB, especially if they are
using RFID tags to track my tickets’ whereabouts.)

Comments:There are lots of weaknesses in the described protocol
(which does not match the actual world cup draw protocol which may have even more vulnerabilities) that could be used to alter the draw outcome.

The least risky way of rigging the draw would be to adjust the weights of the balls to increase the likelihood that certain balls end up on the outside edge of the bowl and will be picked early. This can effect the probabilities of getting certain teams in Germany’s group, and involves little risk of getting caught (as long as the process of loading the balls is done in secret by trusted (but not trustworthy) people).

A riskier, but more certain, way of fixing the draw would be to put two slips in some of the balls. Blatter would need to be able to pick the right slip without anyone noticing him doing so. The easiest way would be to have two slips of different length that are attached with a very weak adhesive. Blatter knows that the shorter slip has the strong team and the longer slip has the weak team. There are two balls with two slips, so Blatter will need to remember for the next ball to pick the opposite one. This allows control of two teams, which is not enough to control the whole draw, but is enough to give Germany one easier team.

Blatter could also have a slip “up his sleeve” with a desirable team name on it, but it would be difficult to pull of any sleight of hand tricks without getting caught.

Some improvements that would make cheating more difficult would be to have an independent third party create the balls in public, to have a multiple-readers strategy like in the Pope election where several people examine each slip in public, to have the celebrities (considered uncorruptable) not only pick the ball but open it and examine the slip before it is read, and to have all the balls selected before any one it opened (to prevent any attacks that depend on knowing what was in the previous ball to pick a desirable ball).

From the NYT article, I may be mistaken about the rumors of Bora Milutinovic’s comments about the 1994 draw. Perhaps it was really Bruce Arena’s quote about the draw for the 1996 Olympics, quoted in the NYT article which is presumably a fairly reputable source.

As for tomorrow’s draw, so long as the US doesn’t end up in a group with Brazil, France, and Ivory Coast, I’m willing to assume its not rigged.